smbpasswd -m -a gerard will create a machine account called gerard$ the $ means this is a machine smbpasswd -a gerard will create a user gerard in your smbpasswd file for using this passwd feature a system user has to be created before i.e. useradd -a gerard you can do this by using new smb.conf parameters, check man smb.conf here you have an example for a smb.conf for suse samba 3 as pdc #
# Generated by /usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl # [global] browseable = no largereadwrite = yes passwdprogram = /usr/bin/passwd %u logonscript = login.bat logonhome = \\%L\%u bindinterfacesonly = Yes netbiosname = musi nameresolveorder = wins bcast hosts addsharecommand = /usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl ntaclsupport = yes deletesharecommand = /usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl usernamemap = /etc/samba/smbusers idmapuid = 15000-20000 winshook = /usr/share/doc/packages/samba3/examples/wins_hook/dns_update addmachinescript = /usr/sbin/useradd -g Machines -c Machine -d /dev/null -s /bin/false %u hostmsdfs = Yes printcapname = cups deleteuserscript = /usr/sbin/userdel -r %u domainlogons = yes shutdownscript = /sbin/shutdown logfile = /var/log/samba/%m socketoptions = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF winsproxy = Yes logondrive = Z: addusertogroupscript = /usr/bin/gpasswd -a %u %g workgroup = MUSI pampasswordchange = Yes idmapgid = 15000-20000 domainmaster = yes adminusers = root, Administrator timeserver = yes ldapssl = no displaycharset = ISO8859-1 addgroupscript = /usr/sbin/groupadd -r %g abortshutdownscript = /sbin/shutdown -c deleteuserfromgroupscript = /usr/bin/gpasswd -d %u %g vetofiles = /*.eml/*.nws/riched20.dll/*.{*}/.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/.*/ delete veto files = yes loglevel = 2 adduserscript = /usr/sbin/useradd -m %u hidedotfiles = yes setprimarygroupscript = /usr/sbin/usermod -g '%g' '%u' usesendfile = Yes unixcharset = ISO8859-1 interfaces = lo, eth1, eth2 hidefiles = /.*/DesktopFolderDB/TrashFor%m/resource.frk/ hostsallow = 127., 10.10.10. keepalive = 255 passdbbackend = smbpasswd:/etc/samba/smbpasswd, guest deletegroupscript = /usr/sbin/groupdel %g loadprinters = No serverschannel = Yes localmaster = yes unixpasswordsync = Yes winssupport = Yes logonpath = \\%L\%U\profile passwdchat = *password* %n\n *password* %n\n *changed* changesharecommand = /usr/share/doc/packages/samba3/examples/misc/modify_samba_config.pl doscharset = CP850 syslog = 0 utmp = Yes oslevel = 255 vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree recycle:versions ## Section - [files] [files] readonly = No cscpolicy = disable comment = public files browseable = yes writeable = yes path = /files/pub guestok = yes vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree recycle:versions ## Section - [homes] [homes] readonly = No comment = Home Directories browseable = No cscpolicy = disable guest ok = No vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree recycle:versions ## Section - [netlogon] [netlogon] sharemodes = No rootpreexec = /var/lib/samba/netlogon/login.pl %U %G %m %L comment = Netlogon Share browseable = No path = /var/lib/samba/netlogon guestok = Yes writelist = @ntadmin locking = no public = no cscpolicy = disable vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree recycle:versions ## Section - [smbmonitor] [smbmonitor] readonly = No cscpolicy = disable comment = security smb logs browseable = no writeable = yes path = /smbmonitor guestok = yes vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree recycle:versions ## Section - [wincd] [wincd] readonly = No cscpolicy = disable comment = security smb logs browseable = no path = /wincd/win2k/mnt writelist = @ntadmin guestok = yes vfs object = vscan-fprotd netatalk audit recycle:repository recycle:keeptree recycle:versions ########################################################## #use this if you want profiles in a seperate share #[profiles] # comment = Roaming Profile Share # path = /files/profiles # read only = No # browseable = No # # end of generated smb.conf # Best Regards ----- Original Message ----- From: "lovswr1" <[EMAIL PROTECTED]> To: "samba" <[EMAIL PROTECTED]> Sent: Sunday, November 16, 2003 7:14 PM Subject: [Samba] Can not add users to samba 3.0 > Hello, I can not seem to get smbpsswd to add any users to samba. No > matter if I use the CLI, the Webmin module or SWAT I always get this > response when trying to add any user > > [EMAIL PROTECTED] samba]# smbpasswd -m -a gerard > Failed initialise SAM_ACCOUNT for user gerard$. > Failed to modify password entry for user gerard$ > > > I take it this has somehting to do with PAM & or shadow passwords, & I > have been lookig for a about a week & the best that I can find anything > related to this 'SAM_ACCOUNT' that resembles my problem, is that I need > to make sure that ./configure (I have no idea which ./confiugure it is > although I suspect that it is the one from a manual build of samba. > Since mine was installed along wtih a bunch of other stuff when I > upgraded from RH9 to fedore core 1, I have no idea where it might be) > has PAM & or shadow options enabled. Any help in this matter would be > greatly appreciated. > > > # Global parameters > [global] > encrypt passwords = yes > unix password sync = yes > security = SHARE > preferred master = Yes > log file = /var/log/samba/%m.log > passwd chat = *New*password* %n\n *Retype*new*password* %n\n > *passwd:*all*authentication*tokens*updated*successfully* > server string = Samba Server > pam password change = Yes > passwd program = /usr/bin/passwd %u > socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 > dns proxy = No > workgroup = MATRIX > ldap ssl = no > valid users = gerard, lovswr, marlene, vswr > max log size = 0 > printing = cups > hosts allow = pc2, freebsd, matrix1 > guest account = > > [homes] > comment = Home Directories > path = /home/public > read only = No > create mask = 0664 > directory mask = 0775 > guest ok = Yes > > [printers] > comment = All Printers > path = /var/spool/samba > printable = Yes > browseable = No > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba